0

Mozilla, the nonprofit organization behind the popular Firefox browser and other open source projects, today announced the launch of Minion, a new automated security testing platform. The platform is intended to be flexible and easy to use, deploy and extend so that developers can be integrated into virtually any development workflow. Mozilla also announced a partnership with BlackBerry to enable the open source Peach fuzzing framework for testing browsers.

Minion

The Minion project, Mozilla says, started about a year ago and is still very much under active development. Today’s announcement of version 0.3 marks the tool’s first major public outing, though the company has previously talked about it and development of the tool happened in public.

The idea behind Minion is to enable developers to log in to the tool and immediately start scans against their web applications. Currently, the tool features three working extensions (a port scanner, web fuzzer and a penetration testing tool), but the team is working to extend the number of plug-ins, and developers, of course, can also write their own.

It’s worth noting that the Mozilla team is explicitly positioning Minion as a platform and not a security tool. All of the testing features are implemented as plug-ins and Mozilla itself wants to focus on “providing strong abstractions and a reliable, extensible platform without binding the platform to a specific suite of tools.”

Fuzzing With BlackBerry

Mozilla’s collaboration with BlackBerry on the Peach open-source fuzzing framework is pretty straightforward. The idea here is to work together “to advance the Peach fuzzing software for testing Web browsers.” The fuzzing framework throws invalid (and often random) data at a program (in this case, the browser) and looks for crashes that could indicate security issues and memory leaks.

Mozilla says it has already used Peach to perform fuzz tests against some HTML5 features in its browsers and that BlackBerry’s experience in using fuzzers to test its platforms will allow it to plug “directly into BlackBerry’s existing security processes and infrastructure.”

0

CrunchBase

OverviewMozilla is a non-profit organization; and a global community of technologists, thinkers and builders committed to keep the Internet alive and accessible.
The Mozilla project was created in 1998 with the release of the Netscape browser suite source code. After several years of development, Mozilla 1.0, was released in 2002. By 2002, well over 90% of Internet users were browsing with Internet Explorer. …

OverviewBlackBerry provides wireless devices and solutions for the worldwide mobile communications market. It is widely known for the development of the Blackberry smartphone.
It offers the BlackBerry wireless communications platform solution, which includes the commpression and security infrastructure services enabling BlackBerry hand-held wireless devices to send and receive wireless messages and data. …